At CircleHD we treat security as our main feature. Right from user authentication to backup data handling we have followed the industry standard best practices to keep your data secure.
CircleHD Simplified user authentication or Single Sign On (SSO) is made secure by trust established over RSA 2048 bit public key infrastructure. That requires both parties (IDP: Your Side and SSP: CircleHD) to sign and verify challenges and responses with an established cryptographic key. If the keys were compromised due to any reason the trust is broken. Therefore key rotation is a best practice to keep the trust established.
We rotate our keys twice a year and there is no significant impact or downtime at your end. Your IDP may rotate keys periodically. Typically once or more every year. Please refer to your IT administrator to plan for certificate rotation and downtime. Although SSO continue to work with out any rotation, we recommend rotating keys at-least once every year.
When your IDP rotates keys you must update CircleHD SSO configuration. If key expires at your end, Single Sign On Authentication will fail.
Only admins on CircleHD can rotate keys. If you don't have admin permission, please contact your admin or email@example.com for additional help.
New Certificate File.
Two browser sessions (Optional, but recommended)
Plain Text Editor such as Notepad or Sublime Text
To update the SSO, navigate to Portal Settings -> Single Sign On
Backup the current certificate by Copying into a text editor such as Notepad or Sublime Text and save the file to disk.
Open the key provided by your IT admin using a text editor. Paste the certificate content into the Certificate box #3 below.
Log out and Log In back to make sure your changes have taken effect. If everything works, we are done.
If there is an issue with the SSO. Go back to the previous browser session and replace the certificate. Click Save.
Navigate to yoursite.circlehd.com in a different browser window to make sure you can login using the old certificate.
Contact CircleHD. Email firstname.lastname@example.org